Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/YgtGgiXK69MkIr1O2WyYLx2RDN4.roa
File: YgtGgiXK69MkIr1O2WyYLx2RDN4.roa (raw, json)
Hash identifier: mc9UjziS3dcEPYeKnKexs+T/jTgHNgdAxhHE5pB90o0=
Subject key identifier: 62:0B:46:82:25:CA:EB:D3:24:22:BD:4E:D9:6C:98:2F:1D:91:0C:DE
Certificate issuer: /CN=9f3720e970faa0e07f50a6389e7ae53afa439dab
Certificate serial: 103691D8
Authority key identifier: 9F:37:20:E9:70:FA:A0:E0:7F:50:A6:38:9E:7A:E5:3A:FA:43:9D:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzcg6XD6oOB_UKY4nnrlOvpDnas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/YgtGgiXK69MkIr1O2WyYLx2RDN4.roa
Signing time: Sat 01 Jan 2022 16:02:36 +0000
ROA not before: Sat 01 Jan 2022 16:02:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205199
IP address blocks: 185.157.168.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 272011736 (0x103691d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3720e970faa0e07f50a6389e7ae53afa439dab
Validity
Not Before: Jan 1 16:02:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=620b468225caebd32422bd4ed96c982f1d910cde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1c:f8:07:5b:30:50:d2:60:61:87:4d:d6:1d:
22:83:ff:81:b5:e5:e3:26:12:2a:83:49:07:30:f6:
59:c1:03:50:c4:30:7e:5e:0f:4e:3b:d1:8e:0f:6e:
28:7c:37:34:9e:0f:23:cd:2e:27:70:f4:df:d3:84:
2b:a7:ff:b5:11:e7:c3:cd:b8:e8:68:e6:0e:f7:38:
d8:18:66:57:04:5c:51:89:53:ad:ee:da:ff:8b:b5:
44:2f:10:26:bf:a7:3c:86:bc:98:ef:6b:10:e1:36:
76:06:d2:68:1e:1a:1e:14:0c:93:95:4a:1f:df:f4:
c4:5e:f8:77:3d:4d:91:6e:ab:df:9e:c1:22:b9:98:
bb:49:42:0e:a4:85:4d:16:9b:61:51:2b:e3:c0:e2:
0b:57:4b:6e:a3:af:80:a4:a4:d9:f0:80:5d:1c:b4:
f7:2e:1d:09:b5:6e:1e:69:ed:98:bb:f2:a5:8e:5f:
4d:c0:3e:7a:46:52:a7:a7:ab:c6:d7:b1:c0:de:c1:
b1:58:3f:9c:cb:6b:80:b3:b4:20:a3:04:b8:d4:60:
1f:92:99:69:2e:08:9b:5a:7e:9e:f1:70:47:e2:73:
46:cc:4d:44:74:6a:f2:70:ac:0e:cf:3e:38:3f:00:
4d:8f:08:15:a6:1c:ad:ea:68:2c:67:21:94:03:c3:
af:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:0B:46:82:25:CA:EB:D3:24:22:BD:4E:D9:6C:98:2F:1D:91:0C:DE
X509v3 Authority Key Identifier:
keyid:9F:37:20:E9:70:FA:A0:E0:7F:50:A6:38:9E:7A:E5:3A:FA:43:9D:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzcg6XD6oOB_UKY4nnrlOvpDnas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/YgtGgiXK69MkIr1O2WyYLx2RDN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.168.0/22
Signature Algorithm: sha256WithRSAEncryption
02:ae:e0:e9:fa:99:cd:ed:d6:9d:76:45:33:01:8e:a9:5d:23:
72:20:80:b9:7d:27:a7:7f:d4:84:6c:6e:0b:7e:ce:53:06:43:
3a:1b:eb:eb:ab:f0:0e:3b:7c:a2:48:d4:cf:d0:0e:74:ae:a6:
7e:6f:11:6f:50:e0:82:71:50:23:cf:2f:fc:ee:fa:ba:25:bd:
5c:9d:ed:6b:29:e4:50:3a:c0:dd:01:e4:a7:0f:d5:5e:71:5a:
6a:61:23:98:35:b5:db:84:c5:b8:62:c7:43:00:87:04:8b:c8:
7b:ad:f9:28:c3:d0:9b:69:b4:c4:b5:cb:15:02:17:ae:8a:33:
ef:f0:da:82:c2:e6:9d:a3:37:18:cd:85:74:8e:41:6c:d1:d4:
54:06:46:8b:69:73:15:68:e4:0e:7c:62:44:45:60:b2:4d:f7:
88:b7:7c:10:f6:3d:24:29:38:7a:81:71:97:92:30:03:26:be:
6a:7c:8a:b9:b9:2a:5b:6b:59:af:02:bb:f2:00:fe:7c:8d:e8:
85:9d:b7:91:43:36:02:1c:d5:86:89:8c:48:bf:cd:02:2b:93:
0d:62:44:de:32:a7:c8:db:72:f6:14:01:1d:78:93:0d:69:9d:
cf:0c:d0:c9:3a:a0:ba:e8:d7:15:b8:70:e4:36:06:32:cb:f8:
af:3f:3f:15
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEDaR2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZjM3MjBlOTcwZmFhMGUwN2Y1MGE2Mzg5ZTdhZTUzYWZhNDM5ZGFiMB4XDTIyMDEw
MTE2MDIzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjIwYjQ2ODIyNWNh
ZWJkMzI0MjJiZDRlZDk2Yzk4MmYxZDkxMGNkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKkc+AdbMFDSYGGHTdYdIoP/gbXl4yYSKoNJBzD2WcEDUMQw
fl4PTjvRjg9uKHw3NJ4PI80uJ3D039OEK6f/tRHnw8246GjmDvc42BhmVwRcUYlT
re7a/4u1RC8QJr+nPIa8mO9rEOE2dgbSaB4aHhQMk5VKH9/0xF74dz1NkW6r357B
IrmYu0lCDqSFTRabYVEr48DiC1dLbqOvgKSk2fCAXRy09y4dCbVuHmntmLvypY5f
TcA+ekZSp6erxtexwN7BsVg/nMtrgLO0IKMEuNRgH5KZaS4Im1p+nvFwR+JzRsxN
RHRq8nCsDs8+OD8ATY8IFaYcrepoLGchlAPDr9kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRiC0aCJcrr0yQivU7ZbJgvHZEM3jAfBgNVHSMEGDAWgBSfNyDpcPqg4H9Q
pjieeuU6+kOdqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L256Y2c2WEQ2b09CX1VLWTRubnJsT3ZwRG5hcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvYmI3YzBlLWVlNjgtNGJmOC1iYjM0LTEyZTZhMGQ0MzE4YS8x
L1lndEdnaVhLNjlNa0lyMU8yV3lZTHgyUkRONC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
YmI3YzBlLWVlNjgtNGJmOC1iYjM0LTEyZTZhMGQ0MzE4YS8xL256Y2c2WEQ2b09C
X1VLWTRubnJsT3ZwRG5hcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmdqDANBgkqhkiG9w0BAQsFAAOC
AQEAAq7g6fqZze3WnXZFMwGOqV0jciCAuX0np3/UhGxuC37OUwZDOhvr66vwDjt8
okjUz9AOdK6mfm8Rb1DggnFQI88v/O76uiW9XJ3taynkUDrA3QHkpw/VXnFaamEj
mDW124TFuGLHQwCHBIvIe635KMPQm2m0xLXLFQIXrooz7/DagsLmnaM3GM2FdI5B
bNHUVAZGi2lzFWjkDnxiREVgsk33iLd8EPY9JCk4eoFxl5IwAya+anyKubkqW2tZ
rwK78gD+fI3ohZ23kUM2AhzVhomMSL/NAiuTDWJE3jKnyNty9hQBHXiTDWmdzwzQ
yTqguujXFbhw5DYGMsv4rz8/FQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:49 2024 by rpki-client on console-fra.rpki-client.org